Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666130303a3a2f34302d3438203d3e20323134333635.roa
File: 326131343a316563373a666130303a3a2f34302d3438203d3e20323134333635.roa (raw, json)
Hash identifier: mfRAEfAM/Ik+prWgDH92jLkjVIcmPRfzo1kMxVmUq4c=
Subject key identifier: F1:D2:1D:9E:1C:E3:2F:C3:A0:42:5E:7A:5E:0F:4E:9F:90:0D:F5:28
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 4113D4EF65E808C9346CA5D9A07DFF2519FF84E7
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666130303a3a2f34302d3438203d3e20323134333635.roa
Signing time: Sun 22 Sep 2024 20:55:31 +0000
ROA not before: Sun 22 Sep 2024 20:50:31 +0000
ROA not after: Sun 21 Sep 2025 20:55:31 +0000
asID: 214365
IP address blocks: 2a14:1ec7:fa00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:13:d4:ef:65:e8:08:c9:34:6c:a5:d9:a0:7d:ff:25:19:ff:84:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Sep 22 20:50:31 2024 GMT
Not After : Sep 21 20:55:31 2025 GMT
Subject: CN=F1D21D9E1CE32FC3A0425E7A5E0F4E9F900DF528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2c:eb:9e:a9:cc:4a:14:6f:16:84:49:25:5c:
5e:fd:51:97:49:c6:e1:6b:72:d4:b2:72:a4:25:29:
8b:31:24:33:c5:89:cd:01:74:93:cb:16:b6:22:46:
f3:23:97:e7:c3:f7:95:e7:c3:e8:46:60:b5:a9:33:
e2:25:9b:db:c8:be:af:42:49:7a:9b:28:b5:4e:3b:
ec:25:3d:ed:ea:24:ad:d2:08:04:ca:7f:01:7f:97:
ff:76:98:62:99:23:c1:4c:1a:8d:58:d6:9b:b8:77:
cd:b0:0f:4c:70:18:89:ee:0b:1d:6c:fb:1e:e0:32:
5e:e1:43:d6:57:ec:39:ed:25:4b:70:8a:0b:b4:8b:
a0:f8:18:5f:a6:1a:b3:1c:90:74:60:dd:3b:fd:ef:
b3:6e:2a:b1:51:c4:bb:4c:14:9f:ba:90:fc:d0:98:
00:29:b4:64:f1:31:8e:1a:7f:e0:e7:1a:d5:8a:a2:
d5:0e:f0:1f:9f:d6:b1:e2:f1:98:d9:e9:97:85:be:
e4:16:9a:9f:f9:d8:c6:9c:67:ea:c4:d4:74:2c:e8:
a7:9b:4a:0b:b2:b9:81:c6:9d:a6:49:60:bd:9c:b3:
d1:bd:ae:e4:c9:03:f5:eb:5e:aa:28:2b:73:a6:bd:
49:ce:dc:09:b4:75:90:3e:87:7c:a5:cb:d5:ca:76:
03:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D2:1D:9E:1C:E3:2F:C3:A0:42:5E:7A:5E:0F:4E:9F:90:0D:F5:28
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666130303a3a2f34302d3438203d3e20323134333635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fa00::/40
Signature Algorithm: sha256WithRSAEncryption
93:d3:32:29:48:fd:34:f0:75:c6:af:87:be:b2:cb:ef:cb:e5:
28:32:11:50:9f:1e:14:a3:8c:61:ea:25:bd:73:ef:af:2d:ef:
07:2c:1e:3d:42:fe:c2:39:3d:10:4e:f2:33:6f:4c:12:69:ef:
20:4a:61:fc:69:73:09:f8:a9:d8:eb:90:5d:98:09:75:69:18:
20:26:f6:a7:83:1a:8c:01:f5:77:45:ae:42:24:06:67:d6:9e:
7a:7d:2a:cd:2f:53:a7:6e:c8:aa:04:4c:71:58:ca:2a:ab:d3:
6c:f5:91:64:c5:1e:ed:f3:87:83:5d:f9:48:b5:52:77:72:f8:
15:cd:34:a3:83:bb:f8:8e:90:2b:67:26:df:93:1b:3e:23:a4:
14:99:a2:d9:eb:f0:f3:4c:2b:d5:3e:c9:06:a5:56:de:d4:09:
0a:29:b9:e9:25:f4:9f:8f:c8:0d:8e:59:e2:02:ac:c7:fc:9c:
dd:1d:dd:13:01:2f:4d:a6:45:fb:c8:4b:2d:b0:56:38:ed:f6:
fe:ba:d2:b1:c1:f5:0a:04:77:01:e5:09:f7:7a:43:3e:eb:32:
86:c0:4f:20:88:2c:93:54:5a:ac:66:9f:35:73:c6:d2:f9:d5:
43:64:93:71:f6:8e:20:5b:8f:11:4d:8a:42:06:fa:42:9b:16:
68:04:19:ab
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUQRPU72XoCMk0bKXZoH3/JRn/hOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNDA5MjIyMDUwMzFaFw0yNTA5MjEyMDU1MzFaMDMxMTAvBgNV
BAMTKEYxRDIxRDlFMUNFMzJGQzNBMDQyNUU3QTVFMEY0RTlGOTAwREY1MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTLOueqcxKFG8WhEklXF79UZdJ
xuFrctSycqQlKYsxJDPFic0BdJPLFrYiRvMjl+fD95Xnw+hGYLWpM+Ilm9vIvq9C
SXqbKLVOO+wlPe3qJK3SCATKfwF/l/92mGKZI8FMGo1Y1pu4d82wD0xwGInuCx1s
+x7gMl7hQ9ZX7DntJUtwigu0i6D4GF+mGrMckHRg3Tv977NuKrFRxLtMFJ+6kPzQ
mAAptGTxMY4af+DnGtWKotUO8B+f1rHi8ZjZ6ZeFvuQWmp/52MacZ+rE1HQs6Keb
SguyuYHGnaZJYL2cs9G9ruTJA/XrXqooK3OmvUnO3Am0dZA+h3yly9XKdgNHAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU8dIdnhzjL8OgQl56Xg9On5AN9SgwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjYxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDMzMzYzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsf6MA0GCSqGSIb3DQEBCwUAA4IBAQCT0zIpSP008HXGr4e+
ssvvy+UoMhFQnx4Uo4xh6iW9c++vLe8HLB49Qv7COT0QTvIzb0wSae8gSmH8aXMJ
+KnY65BdmAl1aRggJvangxqMAfV3Ra5CJAZn1p56fSrNL1OnbsiqBExxWMoqq9Ns
9ZFkxR7t84eDXflItVJ3cvgVzTSjg7v4jpArZybfkxs+I6QUmaLZ6/DzTCvVPskG
pVbe1AkKKbnpJfSfj8gNjlniAqzH/JzdHd0TAS9NpkX7yEstsFY47fb+utKxwfUK
BHcB5Qn3ekM+6zKGwE8giCyTVFqsZp81c8bS+dVDZJNx9o4gW48RTYpCBvpCmxZo
BBmr
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:23 2024 by rpki-client on console-ams.rpki-client.org